January 15, 2019 New Reverse Proxy Tool Can Bypass Two-Factor Authentication and Automate Phishing Attacks 2 min read - A new reverse proxy tool called Modlishka can easily automate phishing attacks and bypass two-factor authentication (2FA) — and it's available for download on GitHub.
January 14, 2019 The Dark Overlord Claims to Have Stolen Secrets of 9/11 Attacks in Law Firm Data Breach 2 min read - The threat group known as The Dark Overlord has claimed responsibility for a law firm data breach involving files allegedly related to the 9/11 terrorist attacks.
January 8, 2019 Malvertising Campaign Delivers Vidar Information Stealer and GandCrab Ransomware 2 min read - Researchers have spotted a malvertising campaign that is delivering two payloads to victims: the Vidar information stealer and GandCrab ransomware.
Application Security January 7, 2019 The System Development Life Cycle: A Phased Approach to Application Security 7 min read - By completing the phases of the system development life cycle (SDLC), security teams can integrate processes and technologies into the development process and improve application security.
January 4, 2019 Ursnif, Emotet, Dridex and BitPaymer Malware Families Team Up to Wreak Havoc 2 min read - Researchers discovered a link between four malware families — Ursnif, Emotet, Dridex and BitPaymer — that suggests threat actors may be combining efforts to develop more sophisticated attack vectors.
Application Security January 4, 2019 New Year, New Risks: 3 Application Security Resolutions You Should Adopt in 2019 5 min read - To ring in the new year, application security teams should resolve to implement more security into the development process, prioritize consumer trust and pay more attention to false negatives.
CISO January 4, 2019 Your Security Strategy Is Only as Strong as Your Cyber Hygiene 3 min read - Without full network visibility and regular utilization of cyber hygiene best practices, your enterprise could face very real, but entirely preventable, security risks.
Artificial Intelligence December 18, 2018 Machine Learning Will Transform How We Detect Software Vulnerabilities 3 min read - When used as part of the software development process, machine learning can help identify vulnerabilities before threat actors have a chance to exploit them.
Incident Response December 17, 2018 Is It Time to Start a PSIRT? Why Your CSIRT May Not Be Enough 5 min read - Your CSIRT protects your organizational network, but who secures your products? It may be time you started a PSIRT at your company.
CISO December 17, 2018 How to Check for Blind Spots in Your Security Program 3 min read - An effective security program does more than merely take on the appearance of cyber resilience. Learn how to look behind the curtain of your enterprise security.